
Looking for a particular kind of distro

I want to virtualize win7 and have the Linux on it do the security stuff and protect the win7 client from intrusion while connected to the net.  Is there such a beast?

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


That's not how any of this works; if you virtualize Windows 7, your virtual machine will have any and all vulnerabilities that come with it. The host system has no way to prevent it. The only advantage in terms of security is that if your VM is infected the rest of your system should still be OK and you should be able to restore the VM from a snapshot; that doesn't really depend on what host distro you use.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*


3 hours ago, Sauron said:

That's not how any of this works; if you virtualize Windows 7, your virtual machine will have any and all vulnerabilities that come with it. The host system has no way to prevent it. The only advantage in terms of security is that if your VM is infected the rest of your system should still be OK and you should be able to restore the VM from a snapshot; that doesn't really depend on what host distro you use.

Drat.  Thanks though.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


On 5/29/2022 at 1:10 AM, Bombastinator said:

I want to virtualize win7 and have the Linux on it do the security stuff and protect the win7 client from intrusion while connected to the net.  Is there such a beast?

Only cyber insecurity is certain. You do not connect the VM Windows 7 to the Internet.


1 hour ago, FUIT1985 said:

Only cyber insecurity is certain. You do not connect the VM Windows 7 to the Internet.

Yeah, it has to have something else in place upstream of it to do security and stuff because win7 can’t handle that anymore.  Win7 is a whole pile less obnoxious about datamining though. Maybe some hardened virtual server in a DMZ or something that does firewall and stateful inspection stuff and serves cleaned packets to the win7 (though apparently there’s a version of win10 that is also apparently an option). One person said that isn’t how it works though.

Edited by Bombastinator

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


1 hour ago, Bombastinator said:

Yeah, it has to have something else in place upstream of it to do security and stuff because win7 can’t handle that anymore.  Win7 is a whole pile less obnoxious about datamining though. Maybe some hardened virtual server in a DMZ or something that does firewall and stateful inspection stuff and serves cleaned packets to the win7 (though apparently there’s a version of win10 that is also apparently an option). One person said that isn’t how it works though.

I read that in the 1990s a White House RADIUS server was hacked through a zero-day attack (with phf exploit). So I don't know if a DMZ with two firewalls or 2 DNS (in split horizon mode) or a PDC (or a RADIUS) can help you. I don't believe in cybersecurity in general. I would simply exclude the virtual machine from the internet.


If one can’t use the internet without being hacked at will the entire internet is useless though.  No one should be on it.  Ever.  The whole purpose for this was to find a way to play video games without being datamined.  A lot of games won’t work without an internet connection though and a lot of games run only win7 or win10. If the machine can’t connect there’s no point in doing it in the first place.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


https://www.microsoft.com/en-US/windows/windows-7-end-of-life-support-information
 

The problem is that Windows 7 will no longer be updated. So if the games are compatible, you can use Windows 10 or 11.

 

Quote

<<In 2022 there have been 7 vulnerabilities in Oracle VM VirtualBox with an average score of 5.6 out of ten. Last year VM VirtualBox had 46 security vulnerabilities published. Right now, VM VirtualBox is on track to have less security vulnerabilities in 2022 than it did last year. Last year, the average CVE base score was greater by 0.72>> https://stack.watch/product/oracle/vm-virtualbox/

 

Edited by FUIT1985
virtualbox vulnerability list

1 hour ago, FUIT1985 said:

https://www.microsoft.com/en-US/windows/windows-7-end-of-life-support-information
 

The problem is that Windows 7 will no longer be updated. So if the games are compatible, you can use Windows 10 or 11.

 

 

Yes.  This is known.  It is the WHY of this thing. The whole idea is to NOT use 10 or 11 at all because they have what is effectively malware baked into them. It’s like Facebook got all those problems and Microsoft said “hey! We want to have those problems too!”  They didn’t used to.  There is apparently a version of 10 made by people other than Microsoft which is basically win10 with the malware ripped out.  It apparently ONLY runs in VM though I may be wrong about that.  It’s my next choice if I can’t find a solution this way.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


11 minutes ago, Bombastinator said:

Yes.  This is known.  It is the WHY of this thing. The whole idea is to NOT use 10 or 11 at all because they have what is effectively malware baked into them. It’s like Facebook got all those problems and Microsoft said “hey! We want to have those problems too!”  They didn’t used to.  There is apparently a version of 10 made by people other than Microsoft which is basically win10 with the malware ripped out.  It apparently ONLY runs in VM though I may be wrong about that.  It’s my next choice if I can’t find a solution this way.


 


5 hours ago, FUIT1985 said:


 

I am not sure why you mention this to me.  If it is an explanation of the point you are making I do not know what that point is.  I don’t keep anything important or useful on my games machine; it makes me arguably immune to such things as ransomware as if I got some I would simply wipe my drives.  I am not of interest to any governments. Or even criminals.  I am a poor man.  I don’t have the kind of money that would make me interesting.   I merely don’t like being exploited. I get that Windows is a fundamentally fragile system security wise. The only abuse I can really be subjected to is that of people sniffing through my data to figure out how to run social engineering attacks on me which is more or less what marketing data is. This is exactly the kind of thing Facebook and Google, and now Microsoft do.  Microsoft has made OSes, specifically 7, that did not have this problem.

Edited by Bombastinator

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


3 hours ago, Bombastinator said:

I am not sure why you mention this to me.  If it is an explanation of the point you are making I do not know what that point is.  I don’t keep anything important or useful on my games machine; it makes me arguably immune to such things as ransomware as if I got some I would simply wipe my drives.  I am not of interest to any governments. Or even criminals.  I am a poor man.  I don’t have the kind of money that would make me interesting.   I merely don’t like being exploited. I get that Windows is a fundamentally fragile system security wise. The only abuse I can really be subjected to is that of people sniffing through my data to figure out how to run social engineering attacks on me which is more or less what marketing data is. This is exactly the kind of thing Facebook and Google, and now Microsoft do.  Microsoft has made OSes, specifically 7, that did not have this problem.

Exploits (especially zero day attacks) can be implemented by anyone. On YouTube you can find several tutorials made by kids.

 

3 hours ago, Bombastinator said:

Microsoft has made OSes, specifically 7, that did not have this problem. 

Really? I do not think so ... 😀

Quote

An Actively Exploited Microsoft Zero-Day Flaw Still Has No Patch
The company continues to downplay the severity of the Follina vulnerability, which remains present in all supported versions of Windows. https://www.wired.com/story/microsoft-follina-vulnerability-windows-office-365/

 

Have a nice day.


You think win7 has spyware baked into it?  Interesting. It’s not completely without “call home” but the level of problem is just much smaller. Or so I have been given to understand.  Perhaps it is not true.  If that is the case the best available possibility is that VM only version of win10.
 

No one and nothing can prevent zero day attacks except maybe air gap. (So live in a hole)  Or possibly security through obscurity, which is not something I would call reliable. So dealing with the internet at all means that level of risk.  It’s the same level for pretty much everything though and as such can be discounted as it’s not something that can functionally be avoided.  It’s a different kind of problem anyway.   Is it one to worry about? Sure

 

Air gap is simply not a viable option though.  You seem to be arguing against fighting the stuff at all as you seem to feel it is hopeless. Perhaps I merely choose to rage against the dying of the light.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


1 hour ago, Bombastinator said:

You think win7 has spyware baked into it?  Interesting. It’s not completely without “call home” but the level of problem is just much smaller. Or so I have been given to understand.  Perhaps it is not true.  If that is the case the best available possibility is that VM only version of win10.
 

No one and nothing can prevent zero day attacks except maybe air gap. (So live in a hole)  Or possibly security through obscurity, which is not something I would call reliable. So dealing with the internet at all means that level of risk.  It’s the same level for pretty much everything though and as such can be discounted as it’s not something that can functionally be avoided.  It’s a different kind of problem anyway.   Is it one to worry about? Sure

 

Air gap is simply not a viable option though.  You seem to be arguing against fighting the stuff at all as you seem to feel it is hopeless. Perhaps I merely choose to rage against the dying of the light.

I just suggested that you not use Windows 7 (and above all not connect it to the internet) because it no longer receives security updates. You are free to do as you wish.


19 hours ago, Bombastinator said:

The whole purpose for this was to find a way to play video games without being datamined.

Play video games that don't datamine you. Don't install a game provider launcher like Steam. Keep the games open source (not because it's secure, but because you can audit the code to find out if there's telemetry built in). Don't use Discord (even in the browser window), instead use a client that can read the Matrix protocol (not Element-Desktop though, use a client like Nheko or Fractal).

To make sure you're not being spied upon, always have a tool open watching all your outbound and inbound connections (I prefer iftop on the local machines, but pfSense can do that at the network firewall level). Audit system logs in /var/log and /home/$USER/.var/log

 

16 hours ago, Bombastinator said:

Yes.  This is known.  It is the WHY of this thing. The whole idea is to NOT use 10 or 11 at all because they have what is effectively malware baked into them.

MS Windows 7 has had all the same telemetry malware Windows 10 and 11 have built into them since service pack 1. If that's what concerns you, then just don't use Windows. Or just never connect MS Windows to the internet (even during installation).

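The connection-watching advice in the post above can be made repeatable by checking a socket listing against an allowlist instead of eyeballing iftop. The following is an added example, not code from any poster in this thread: it parses `ss -tunpH`-style output and reports, per process, every remote endpoint outside the allowed networks. The sample output, process names and allowlist are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ss -tunpH` output (documentation-range addresses only).
SAMPLE_SS = """\
tcp   ESTAB   0 0   192.168.122.10:51514 192.0.2.10:443    users:(("game-client",pid=2143,fd=97))
tcp   ESTAB   0 0   192.168.122.10:51520 203.0.113.77:443  users:(("game-client",pid=2143,fd=101))
tcp   ESTAB   0 0   192.168.122.10:40022 198.51.100.5:8443 users:(("launcher",pid=1999,fd=33))
tcp   LISTEN  0 128 0.0.0.0:22 0.0.0.0:*                   users:(("sshd",pid=701,fd=3))
udp   ESTAB   0 0   192.168.122.10:39011 192.168.122.1:53  users:(("systemd-resolve",pid=640,fd=18))
tcp   ESTAB   0 0   [2001:db8::10]:50000 [2001:db8:ffff::1]:443 users:(("launcher",pid=1999,fd=40))
"""

# Hypothetical allowlist: the local VM network plus one known game-server range.
ALLOWED = [ipaddress.ip_network(n) for n in ("192.168.122.0/24", "192.0.2.0/24")]

# Matches the first entry of ss's process column: users:(("name",pid=123,...
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')


def parse_peer(field):
    """Split an ss 'Peer Address:Port' field into (ip, port).

    Returns None for listeners and wildcards such as 0.0.0.0:* or *:*.
    """
    host, _, port = field.rpartition(":")
    host = host.split("%")[0].strip("[]")  # drop IPv6 scope id and brackets
    if not port.isdigit():
        return None
    try:
        return ipaddress.ip_address(host), int(port)
    except ValueError:
        return None


def unexpected_peers(ss_output, allowed=ALLOWED):
    """Map process name -> sorted list of (ip, port) peers outside `allowed`."""
    findings = {}
    for line in ss_output.splitlines():
        cols = line.split(None, 6)
        if len(cols) < 6:
            continue  # not a socket line
        peer = parse_peer(cols[5])
        if peer is None:
            continue
        ip, port = peer
        if any(ip in net for net in allowed):
            continue
        # The process column is absent when ss runs without enough privilege.
        match = PROC_RE.search(cols[6]) if len(cols) > 6 else None
        name = match.group(1) if match else "unknown"
        findings.setdefault(name, set()).add((str(ip), port))
    return {name: sorted(peers) for name, peers in findings.items()}


if __name__ == "__main__":
    for name, peers in unexpected_peers(SAMPLE_SS).items():
        for ip, port in peers:
            print(f"{name}: unexpected peer {ip} port {port}")
```

On a live host the input would come from running `ss -tunpH` as root so that the process column is populated for every socket.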

4 hours ago, FUIT1985 said:

I just suggested that you not use Windows 7 (and above all not connect it to the internet) because it no longer receives security updates. You are free to do as you wish.

I agree with this.  It would have to be some sort of situation where there would be something between it and the internet. It would request a packet and a different system would go out and get it, look at it, decide if it was safe to hand off to the vm or not and then either do so, or not do so and hand over either nothing, or a dummy packet, depending on how things needed to be set up. A sort of super firewall with port forwarding.  The windows client would never actually connect to the raw internet though it might think it did.  It would be a difficult thing to make and quite slow if such a thing was even possible, hence my question about distros.  Seems it may not be though and may have really fundamental flaws such that it could not even be attempted because things don’t work that way.

Edited by Bombastinator

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


1 hour ago, Bombastinator said:

I agree with this.  It would have to be some sort of situation where there would be something between it and the internet. It would request a packet and a different system would go out and get it, look at it, decide if it was safe to hand off to the vm or not and then either do so, or not do so and hand over either nothing, or a dummy packet, depending on how things needed to be set up. A sort of super firewall with port forwarding.  The windows client would never actually connect to the raw internet though it might think it did.  It would be a difficult thing to make and quite slow if such a thing was even possible, hence my question about distros.  Seems it may not be though and may have really fundamental flaws such that it could not even be attempted because things don’t work that way.

There is actually a difference between spying and tracking. Windows does not spy, but it does implement tracking. This is not malware or spyware but only tracking. Linux distributions can also track you (e.g. the popcon package). There are guides for setting up privacy in Windows, but when you run a third-party program, it can still track you. In fact, even open source does not guarantee you not to be tracked (for example Audacity has been criticized - https://www.bbc.com/news/technology-57721967). This doesn't mean that you shouldn't use the internet.
 

https://youtu.be/ZltM5thhAFU
 

On the other hand, with regard to the control of incoming or outgoing packets, if a Linux distribution or Windows is infected, a true hot analysis is not possible.
 

Quote

Hot Analysis <<It is quite possible for a subverted ps command to hide some processes, or for a subverted ls to hide files; sometimes even the kernel is compromised>> The Debian Administrator’s Handbook page 441

 


I fail to see the difference when the tracking information is then sold.  If they were just using it to do research for their own future products that would be one thing.  Afaik that is what Apple does.  It’s once removed, but it’s still using secrets about you to abuse you to make money.  It’s just that someone else is doing it.  If Apple is selling the data to 3rd parties that is effectively spyware too.  It’s so profitable whole corporations are built on it.  It’s why I won’t use Facebook or Google products.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


Tracking is not good, but it also exists with Linux or open source in general. I'm sorry. I found an old article on Windows 7 tracking. So using a version of Windows or Linux that doesn't get security updates isn't convenient for you.

 
 
I hope I have resolved your doubts.

1 hour ago, FUIT1985 said:

Tracking is not good, but it also exists with Linux or open source in general. I'm sorry. I found an old article on Windows 7 tracking. So using a version of Windows or Linux that doesn't get security updates isn't convenient for you.

 
 
I hope I have resolved your doubts.

It’s not so much tracking, it’s tracking and selling the data acquired.  Tracking itself isn’t a big deal.  It’s the two put together. Raising your fist in the air isn’t a crime until you bring it into someone’s face. By splitting the collecting and abusing of data, it’s sort of the equivalent of the “stop hitting yourself” thing where you beat someone with their own limbs.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


2 hours ago, Bombastinator said:

I fail to see the difference when the tracking information is then sold.  If they were just using it to do research for their own future products that would be one thing.  Afaik that is what Apple does.  It’s once removed, but it’s still using secrets about you to abuse you to make money.  It’s just that someone else is doing it.  If Apple is selling the data to 3rd parties that is effectively spyware too.  It’s so profitable whole corporations are built on it.  It’s why I won’t use Facebook or Google products.

If you truly value privacy, you should not connect to the internet at all. 

Sudo make me a sandwich 

